Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A system comprising: a computer server comprising: an electronic data store storing personal data associated with a user; and one or more computer processors configured with specific computer executable instructions in order to cause the one or more computer processors to: receive, from the user, an indication of particular items and/or types of personal data to be stored in the electronic data store; receive, from the user, access credentials associated with the particular items and/or types of personal data to be stored in the electronic data store; obtain, via a computer network and using the access credentials, the particular items and/or types of personal data from a computing system of a first third-party by at least one of: accessing an application programming interface of the computing system of the first third-party, or scraping a web page received from the computing system of the first third-party; store, in the electronic data store, the particular items and/or types of personal data obtained from the computing system of the first third-party; receive, from a user, and store in the electronic data store: an indication of an association between a first default type of personal data and a first type of third-party, and an indication of an association between a second default type of personal data and second type of third-party; generate a unique identifier that is associated with the user; and communicate the unique identifier to a mobile computing device associated with the user; the mobile computing device comprising: a display; and one or more computer processors configured with specific computer executable instructions in order to cause the one or more computer processors to: receive the unique identifier; generate and display, on the display, a first interactive user interface including: an indication of the unique identifier, and one or more user-selectable elements by which the user may initiate wireless transmission of the unique identifier; 
receive, via input from the user, a selection of one of the user-selectable elements of the first interactive user interface; in response to selection of the one of the user-selectable elements of the first interactive user interface, initiate transmission of the unique identifier from the mobile computing device to a computing system of a second third-party via a wireless communications protocol, wherein the second third-party is of the first type; in response to initiation of transmission of the unique identifier from the mobile computing device to the computing system of the second third-party, generate and display, on the display, a second interactive user interface including: an indication of the second third-party, an indication that the first default type of personal data is accessible by the second third-party, wherein the indication of the association between the first default type of personal data and the first type of third-party was previously provided by the user, and one or more user-selectable elements by which the user may indicate additional types of personal data associated with the user to be accessible by the second third-party; receive, via input from the user, a selection of at least one of the user-selectable elements of the second interactive user interface; receive, via input from the user, an indication of a first purpose for which the second third-party may access personal data associated with the user; and in response to selection of the at least one of the user-selectable elements of the second interactive user interface, authorize the second third-party to access, for the first purpose and from the electronic data store of the computer server, one or more items of personal data associated with the user that are of the first default type and the one or more additional types indicated by the at least one of the user-selectable elements; wherein the one or more computer processors of the computer server are further configured with 
specific computer executable instructions in order to cause the one or more computer processors to: receive, from the computing system of the second third-party and over the computer network, a first request to access an item of personal data associated with the user from the electronic data store, wherein the first request includes the unique identifier and an indication of a second purpose for the first request, an indication of an identity of the second third-party, and one or more authentication data items; authenticate, based at least in part on the indication of the identity of the second third-party and the one or more authentication data items, the identity of the second third-party; compare the second purpose to the first purpose provided by the user; in response to determining that the second purpose and the first purpose match, determine whether the item of personal data is one of the one or more items of personal data that are of the first default type or the one or more additional types indicated by the at least one of the user-selectable elements; in response to determining that the item of personal data is one of the one or more items of personal data, transmit the item of personal data from the data store to the computing system of the second third-party over the computer network; and log access data associated with the first request, wherein the access data includes the identity of the second third-party, a date and time the item of personal data was transmitted, an identification of a type of the item of personal data that was transmitted, and the second purpose for the first request; wherein the one or more computer processors of the mobile computing device are further configured with specific computer executable instructions in order to cause the one or more computer processors to: generate and display, on the display, a third interactive user interface including: an indication of the identity of the second third-party, an indication of the date 
and time the item of personal data was transmitted, an indication of the type of the item of personal data that was transmitted, an indication of the second purpose for the first request, and a user selectable element by which the user may indicate a deauthorization of the second third-party to access the one or more items of personal data associated with the user; receive, via input from the user, a selection of the user-selectable element of the third interactive user interface; and in response to selection of the user-selectable element of the third interactive user interface, deauthorize the second third-party from further accessing, from the electronic data store, the one or more items of personal data associated with the user; wherein the one or more computer processors of the computer server are further configured with specific computer executable instructions in order to cause the one or more computer processors to: receive, from the computing system of the second third-party and over the computer network, a second request to access the item of personal data associated with the user from the electronic data store, wherein the second request includes the unique identifier; determine that the item of personal data is one of the one or more items of personal data; determine that the second third-party is not authorized to access the item of personal data; and notify the user that the second third-party attempted to access the item of personal data.
A system manages personal data using a server and a mobile device. The server stores the user's data in a data store. The user specifies what data to store and provides access credentials for it; the server then retrieves that data from a first third-party's system through an API or by scraping its web pages. The user also associates data types (e.g., address) with third-party types (e.g., retailers), so that a default type is shared with every party of that kind. The server generates a unique identifier for the user and sends it to the user's mobile device. The device displays the identifier and lets the user transmit it wirelessly to a second third-party (of the first type). The device then shows that party's identity, indicates which default data type it can access, and lets the user add further data types and state a purpose for the access. When the third party later requests an item, the server authenticates the party from its identity and authentication data, checks that the stated purpose matches the purpose the user gave, checks that the item's type is the default type or one the user added, and only then sends the item, logging the party's identity, the date and time, the item type and the purpose. The mobile app shows that log entry and lets the user deauthorize the third party; a request after deauthorization is refused and the user is notified of the attempt.
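The server-side decision the claim describes is easier to reason about as code. The following is an added example written for this page, not code from the patent or any product built on it; the class and method names, the in-memory stores, the use of an HMAC over the request fields as the "authentication data item", exact string comparison as the purpose "match", and the sample user and retailer are all assumptions. It shows the four checks in order (authenticate the third party, compare purposes, check the item type against the grant, log the release) and the behaviour after deauthorization (deny and notify). It also shows why the unique identifier the phone broadcasts must not be treated as a bearer token: a request that carries a valid identifier but a forged authentication tag is refused.

```python
"""Purpose-bound personal-data broker modelled on the flow in claim 1.

Added example, not the patent's code. The HMAC scheme, store layout and
sample data are assumptions chosen to make each check in the claim explicit.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass
class Grant:
    """What the user authorised on the phone for one third party."""
    purpose: str
    types: frozenset      # first default type plus any user-added types
    active: bool = True


class DataBroker:
    """Server side: data store, grants, shared secrets, access log, notifications."""

    def __init__(self):
        self.data = {}            # user_id -> {item_type: value}
        self.users = {}           # unique identifier -> user_id
        self.grants = {}          # (user_id, third_party_id) -> Grant
        self.secrets = {}         # third_party_id -> secret registered out of band
        self.log = []             # (third_party_id, timestamp, item_type, purpose, granted)
        self.notifications = []   # messages for the user's mobile device

    def register_user(self, user_id, items):
        """Store the user's items and mint the unique identifier sent to the phone."""
        self.data[user_id] = dict(items)
        uid = secrets.token_urlsafe(16)
        self.users[uid] = user_id
        return uid

    def register_third_party(self, third_party_id, secret):
        self.secrets[third_party_id] = secret

    def authorize(self, user_id, third_party_id, purpose, default_type, extra_types=()):
        """Second interactive UI: default type for this party type plus selected extras."""
        self.grants[(user_id, third_party_id)] = Grant(purpose, frozenset({default_type, *extra_types}))

    def deauthorize(self, user_id, third_party_id):
        """Third interactive UI: revoke further access for this party."""
        if (user_id, third_party_id) in self.grants:
            self.grants[(user_id, third_party_id)].active = False

    @staticmethod
    def mac(secret, uid, third_party_id, purpose, item_type):
        """Authentication data item (assumed): HMAC-SHA256 over the request fields."""
        msg = "|".join((uid, third_party_id, purpose, item_type)).encode()
        return hmac.new(secret, msg, hashlib.sha256).hexdigest()

    def request(self, uid, third_party_id, purpose, item_type, tag):
        """Return the item or None. Every decision is logged; refusals notify the user."""
        user_id = self.users.get(uid)
        secret = self.secrets.get(third_party_id)
        if user_id is None or secret is None:
            return self._deny(user_id, third_party_id, purpose, item_type)
        # 1. authenticate the third party from its identity and authentication data
        expected = self.mac(secret, uid, third_party_id, purpose, item_type)
        if not hmac.compare_digest(expected, tag):
            return self._deny(user_id, third_party_id, purpose, item_type)
        grant = self.grants.get((user_id, third_party_id))
        # 2. purpose in the request must match the purpose the user gave
        # 3. item type must be the default type or one of the added types
        if grant is None or not grant.active or grant.purpose != purpose or item_type not in grant.types:
            return self._deny(user_id, third_party_id, purpose, item_type)
        item = self.data[user_id].get(item_type)
        self._log(third_party_id, item_type, purpose, item is not None)   # 4. log the release
        return item

    def _deny(self, user_id, third_party_id, purpose, item_type):
        self._log(third_party_id, item_type, purpose, False)
        if user_id is not None:
            self.notifications.append(f"{third_party_id} was refused {item_type} for {purpose}")
        return None

    def _log(self, third_party_id, item_type, purpose, granted):
        now = datetime.now(timezone.utc).isoformat()
        self.log.append((third_party_id, now, item_type, purpose, granted))


def demo():
    """Constructed scenario: one user, one retailer, then deauthorization."""
    broker = DataBroker()
    secret = b"secret-issued-at-retailer-onboarding"
    uid = broker.register_user("alice", {"address": "1 Example St", "credit": "720"})
    broker.register_third_party("retailer-42", secret)
    broker.authorize("alice", "retailer-42", "loyalty", "address", extra_types=["credit"])
    tag = lambda p, t, s=secret: broker.mac(s, uid, "retailer-42", p, t)
    out = {"address": broker.request(uid, "retailer-42", "loyalty", "address", tag("loyalty", "address"))}
    out["purpose_mismatch"] = broker.request(uid, "retailer-42", "ad targeting", "credit", tag("ad targeting", "credit"))
    out["wrong_type"] = broker.request(uid, "retailer-42", "loyalty", "health", tag("loyalty", "health"))
    out["forged_tag"] = broker.request(uid, "retailer-42", "loyalty", "address", tag("loyalty", "address", b"guess"))
    broker.deauthorize("alice", "retailer-42")
    out["after_deauth"] = broker.request(uid, "retailer-42", "loyalty", "address", tag("loyalty", "address"))
    out["log_entries"], out["notifications"] = len(broker.log), len(broker.notifications)
    return out
```

Two design choices worth noting. The purpose check is exact equality here; a real deployment would need an agreed vocabulary (the purposes listed in claim 2 are a starting point) so that "loyalty" and "loyalty point calculations" are not silently treated as different. And every refusal is logged and reported to the user, not only the post-deauthorization case the claim singles out, because a purpose or type mismatch from an otherwise authenticated party is exactly the signal a user would want to see.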
2. The system of claim 1 , wherein the first purpose includes at least one of: enrollment, eligibility, registration, ad targeting, loyalty point calculations, or social-networking activities.
The system for managing personal data, as described previously, allows the user to specify the purpose for which a third party may access their data. This purpose can include options such as enrollment in a service, determining eligibility for a program, user registration, targeted advertising, calculating loyalty points, or facilitating social-networking activities. By specifying the purpose, the user maintains control over how their personal information is used by external entities and the system ensures data access aligns with the user's intended use case.
3. The system of claim 1 , wherein the one or more types indicated by the at least one of the user-selectable elements include at least one of: social media data, health data, professional data, credit data, or banking data.
The system for managing personal data, as described previously, allows the user to grant third parties access to various types of personal data, which can include social media data (e.g., posts, connections), health data (e.g., medical records, fitness tracking), professional data (e.g., employment history, skills), credit data (e.g., credit score, payment history), or banking data (e.g., account balances, transaction history). The user selects which of these types of data a third party can access, providing fine-grained control over data sharing.
4. The system of claim 1 , wherein authorizing the second third-party to access the one or more items of personal data associated with the user comprises: providing, to the computer server and from the user via the mobile computing device, at least one of: a software key, a software token, authentication data, identity data, a username and password, an encryption key, a digital signature, or a mobile device identifier associated with the mobile computing device.
The system for managing personal data, as described previously, authorizes the second third-party to access personal data associated with the user by having the user provide authentication material from their mobile device to the computer server. This material can be a software key, a software token, general authentication data, identity data, a username and password combination, an encryption key, a digital signature, or the mobile device's identifier. The server uses it to confirm that the authorization originated from the user's device before it treats the third party as authorized to retrieve the specified information.
December 26, 2017